<?php

/**
 * @author Tu Phan
 * @copyright 2012
 */

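// Requested admin action ("list", "add" or "edit" are the values handled below).
// Only a plain string from the query string is accepted. If nothing usable was
// sent and no earlier code defined $act, it defaults to '' so the comparisons
// further down never read an undefined variable.
if (isset($_GET['act']) && is_string($_GET['act'])) {
    $act = $_GET['act'];
} elseif (!isset($act)) {
    $act = '';
}

// Base URLs for the user-management screens; the two "id=" URLs get a user id
// appended when the list rows are rendered.
$list_url = "index.php?mod=user&act=list";
$delete_url = $list_url . "&task=delete&id=";
$add_url = "index.php?mod=user&act=add";
$edit_url = "index.php?mod=user&act=edit&id=";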
?>

<div id="action-menu">
    <ul>
        <li><a class="list-action" href="<?php echo $list_url ?>">Quản lý người dùng</a></li>
        <li><a class="add-action" href="<?php echo $add_url ?>">Thêm người dùng</a></li>
    </ul>
</div>

<div id="main-content">
<?php

if ($act == "list") {
?>
    <h3 class='action-title'>Danh sách người dùng </h3>
    <?php
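    if (isset($_GET['task']) && $_GET['task'] == 'delete') {
        // NOTE(review): this removes an account on a plain GET request with no
        // anti-CSRF token, and no permission check is visible in this file
        // (presumably index.php enforces admin access; confirm). The action
        // should move to POST with a per-session token once the session helpers
        // used by the project are known.

        // Accept only a positive integer id. A missing, array-valued or
        // non-numeric value is rejected before it can reach the SQL string.
        $id = isset($_GET['id'])
            ? filter_var($_GET['id'], FILTER_VALIDATE_INT, array('options' => array('min_range' => 1)))
            : false;

        // The username is only echoed back inside the notice, so it is
        // HTML-escaped to stop the query string from injecting markup.
        $username = (isset($_GET['username']) && is_string($_GET['username']))
            ? htmlspecialchars($_GET['username'], ENT_QUOTES, 'UTF-8')
            : '';

        if ($id !== false && $db->query("delete from users where id = $id")) {
            notice("Đả xóa người dùng: <strong>$username</strong>.");
        } else {
            notice("Lổi: chưa xóa được người dùng.");
        }
    }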
    ?>
    <div id="list-posts">
        <div class="header-list">
            <label class="header-username">Tài khoản</label>
            <label class="header-email">Email</label>
            <label class="header-level">Group</label>
            <label class="header-date">Ngày đăng ký</label>
            <label class="header-edit">Sửa</label>
            <label class="header-delete">Xóa</label>
            <div class="clear"></div>
        </div>
        <?php
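            // The page number comes from the query string. Accept only integers
            // >= 1 so it cannot alter the LIMIT clause; anything else falls back
            // to the first page.
            $page = isset($_GET['page'])
                ? filter_var($_GET['page'], FILTER_VALIDATE_INT, array('options' => array('min_range' => 1)))
                : 1;
            if ($page === false) {
                $page = 1;
            }

            // Rows per page is a configuration value; the cast guarantees that
            // only a number is interpolated into the query.
            $limit = (int) $config['news_per_page'];
            $start = $limit * ($page - 1);
            $sql = "select * from users order by id desc limit $start, $limit ";
            $data = $db->get_data($db->query($sql));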
            
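            if (!empty($data)) :
            foreach ($data as $user) :
                // Every value below comes from the users table, which stores text
                // typed into the add/edit forms. Each one is escaped for the
                // context it is printed in, so stored markup is displayed as text
                // instead of being rendered in the administrator's browser.
                $edit_user = htmlspecialchars($edit_url . $user['id'], ENT_QUOTES, 'UTF-8');
                // The username travels as a query-string value: URL-encode it
                // first, then HTML-escape the whole URL for the href attribute.
                $delete_user = htmlspecialchars(
                    $delete_url . $user['id'] . "&username=" . urlencode((string) $user['username']),
                    ENT_QUOTES,
                    'UTF-8'
                );
                $safe_username = htmlspecialchars((string) $user['username'], ENT_QUOTES, 'UTF-8');
                $safe_email = htmlspecialchars((string) $user['email'], ENT_QUOTES, 'UTF-8');
                $safe_date_reg = htmlspecialchars((string) $user['date_reg'], ENT_QUOTES, 'UTF-8');
                // Level 2 is labelled as administrator, every other value as member.
                $level = ($user['level'] == 2) ? 'Quản trị' : 'Thành viên';
        ?>
        <div class="row-post">
            <label class="header-username"><a href="<?php echo $edit_user ?>"><?php echo $safe_username ?></a></label>
            <label class="header-email"><?php echo $safe_email ?></label>
            <label class="header-level"><?php echo $level ?></label>
            <label class="header-date"><?php echo $safe_date_reg ?></label>
            <label class="header-edit"><a href="<?php echo $edit_user ?>" class="edit-post" title="Sửa">Sửa</a></label>
            <label class="header-delete"><a href="<?php echo $delete_user ?>" class="delete-post" title="Xóa">Xóa</a></label>
            <div class="clear"></div>
        </div>
        <?php
            endforeach;
            endif;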
            // Pager for the user list.
            // NOTE(review): $link and $total are not read again in this file;
            // presumably ViewPages() picks them up as globals to build the page
            // links. Confirm against its definition before removing them.
            $link = $list_url . "&page=";
            $total = $db->total_rows('users');
            ViewPages($config['news_per_page'], "user", "users");
        ?>
    </div>
    


<?php
} else if ($act == "add") {
    echo "<h3 class='action-title'>Thêm người dùng mới</h3>";
    
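    if (isset($_POST['submit'])) {
        // NOTE(review): this handler creates accounts (including level 2) without
        // an anti-CSRF token, and no permission check is visible in this file.
        // Presumably index.php enforces admin access; confirm.

        // Read each text field as a string ('' when missing or not a string).
        // NOTE(review): PHP has already URL-decoded $_POST, so urldecode() decodes
        // a second time and alters values containing "%" or "+". stripslashes()
        // likewise only makes sense with magic quotes enabled. Both are kept so
        // stored values and password hashes stay compatible with code outside
        // this file; revisit them together with the login code.
        $input = array();
        foreach (array('username', 'password', 'email', 'fullname', 'address') as $field) {
            $raw = (isset($_POST[$field]) && is_string($_POST[$field])) ? $_POST[$field] : '';
            $input[$field] = urldecode(stripslashes($raw));
        }
        $username = $input['username'];
        $email = $input['email'];
        $fullname = $input['fullname'];
        $address = $input['address'];

        // NOTE(review): unsalted MD5 is not a suitable password hash. Moving to
        // password_hash()/password_verify() has to be done together with the
        // login code, which is not visible here, so the format is unchanged.
        $password = md5($input['password']);

        // The form offers only 1 (member) and 2 (administrator). Anything else
        // is stored as 1, so the value interpolated into SQL is always an integer.
        $level = (isset($_POST['level']) && $_POST['level'] === '2') ? 2 : 1;

        // 24-hour clock: the original 'h' format stored afternoon times as
        // morning ones because no AM/PM marker was kept.
        $date_reg = date('Y-m-d H:i:s');

        // The "required" rules in the form are enforced only by JavaScript, so
        // an empty username or password is refused here as well.
        $saved = false;
        if ($username !== '' && $input['password'] !== '') {
            // addslashes() is a stopgap. It is only reliable when the connection
            // charset is single-byte or UTF-8 and backslash escaping is enabled.
            // Replace it with bound parameters (or the driver's own escaping)
            // once the API behind $db is known.
            $q_username = addslashes($username);
            $q_email = addslashes($email);
            $q_fullname = addslashes($fullname);
            $q_address = addslashes($address);

            $sql = "insert into users (username,password,email,fullname,address,level,date_reg) values 
                            ('{$q_username}','{$password}','{$q_email}','{$q_fullname}','{$q_address}',{$level},'{$date_reg}')";
            $saved = $db->query($sql);
        }

        if ($saved) notice("Đã cập nhật người dùng.");
        else notice("Lỗi: chưa cập nhật được.");
    }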
?>

    <form id="add-user" method="post" action="">
		<p class="user-row">
			<label class="user-label">Tài khoản</label>
			<input name="username" type="text" size="40" class="required" minlength="4" />
		</p>
		<p class="user-row">
			<label class="user-label">Mật khẩu</label>
			<input name="password" type="password" size="30" class="required" minlength="6"  />
		</p>
        <p class="user-row">
			<label class="user-label">Email</label>
			<input name="email" type="text" size="40" class="required email" />
		</p>
		<p class="user-row">
			<label class="user-label">Họ tên</label>
			<input name="fullname" type="text" size="40" />
		</p>
		<p class="user-row">
			<label class="user-label">Địa chỉ</label>
			<input name="address" type="text" size="40" />
		</p>
		<p class="user-row">
			<label class="user-label">Phân quyền</label>
			<select name="level">
				<option value="1">Thành viên</option>
				<option value="2">Quản trị</option>
			</select>
		</p>
        <p class="user-row">
			<input type="submit" name="submit" class="button" value="Cập nhật" />
			<input type="reset" name="reset" class="button" value="Hủy" />
		</p>
    </form>
	
	<script>
	// Client-side checks only: the required/minlength/email rules come from the
	// form markup (presumably via the jQuery Validation plugin; confirm). A
	// request posted directly skips them, so the PHP handler must enforce the
	// same rules itself.
	$("#add-user").validate();
	</script>

<?php
} else if ($act == "edit") {
    echo "<h3 class='action-title'>Sủa người dùng</h3>";
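    // Only a positive integer id is ever placed in SQL. A missing, array-valued
    // or non-numeric id becomes 0, which updates nothing and loads no record.
    $id = isset($_GET['id'])
        ? filter_var($_GET['id'], FILTER_VALIDATE_INT, array('options' => array('min_range' => 1)))
        : false;
    if ($id === false) {
        $id = 0;
    }

    if (isset($_POST['submit'])) {
        // NOTE(review): this handler can raise an account to level 2 and replace
        // its password without an anti-CSRF token, and no permission check is
        // visible in this file. Presumably index.php enforces admin access; confirm.

        // Read each text field as a string ('' when missing or not a string).
        // NOTE(review): PHP has already URL-decoded $_POST, so urldecode() decodes
        // a second time and alters values containing "%" or "+". stripslashes()
        // only makes sense with magic quotes enabled. Both are kept so stored
        // values and password hashes stay compatible with code outside this file.
        $input = array();
        foreach (array('username', 'password', 'email', 'fullname', 'address') as $field) {
            $raw = (isset($_POST[$field]) && is_string($_POST[$field])) ? $_POST[$field] : '';
            $input[$field] = urldecode(stripslashes($raw));
        }

        // The form offers only 1 (member) and 2 (administrator). Anything else
        // is stored as 1, so the value interpolated into SQL is always an integer.
        $level = (isset($_POST['level']) && $_POST['level'] === '2') ? 2 : 1;

        // An empty password field leaves the stored hash untouched instead of
        // replacing it with the hash of the empty string.
        // NOTE(review): unsalted MD5 is not a suitable password hash. Migrate to
        // password_hash()/password_verify() together with the login code.
        $password_sql = ($input['password'] === '')
            ? ''
            : "password='" . md5($input['password']) . "', ";

        // addslashes() is a stopgap. It is only reliable when the connection
        // charset is single-byte or UTF-8 and backslash escaping is enabled.
        // Replace it with bound parameters once the API behind $db is known.
        $q_username = addslashes($input['username']);
        $q_email = addslashes($input['email']);
        $q_fullname = addslashes($input['fullname']);
        $q_address = addslashes($input['address']);

        $updated = false;
        if ($id > 0 && $input['username'] !== '') {
            $sql = "update users set username='$q_username', {$password_sql}email='$q_email', fullname='$q_fullname', address='$q_address', level=$level where id = $id";
            $updated = $db->query($sql);
        }

        if ($updated) notice("Đã cập nhật người dùng.");
        else notice("Lỗi: chưa cập nhật được.");
    }

    // Load the current record to pre-fill the form. $id is an integer here.
    $sql = "select * from users where id = $id";
    $data = $db->fetch_array($db->query($sql));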
    if (!empty($data)) :
?>

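    <?php
    /*
     * Edit form pre-filled from the $data row loaded above. Every stored value
     * is HTML-escaped before it is written into a value="" attribute, so a quote
     * or tag saved in a profile field cannot break out of the attribute.
     * NOTE(review): date_reg is displayed here, but the update handler in this
     * file does not read it back, so edits to that field are not saved.
     */
    ?>
    <form id="add-user" method="post" action="">
		<p class="user-row">
			<label class="user-label">Tài khoản</label>
			<input name="username" type="text" size="40" class="required" minlength="4" value="<?php echo htmlspecialchars((string) $data['username'], ENT_QUOTES, 'UTF-8') ?>" />
		</p>
		<p class="user-row">
			<label class="user-label">Mật khẩu</label>
			<input name="password" type="password" size="30" class="required" minlength="6" />
		</p>
        <p class="user-row">
			<label class="user-label">Email</label>
			<input name="email" type="text" size="40" class="required email" value="<?php echo htmlspecialchars((string) $data['email'], ENT_QUOTES, 'UTF-8') ?>" />
		</p>
		<p class="user-row">
			<label class="user-label">Họ tên</label>
			<input name="fullname" type="text" size="40" value="<?php echo htmlspecialchars((string) $data['fullname'], ENT_QUOTES, 'UTF-8') ?>" />
		</p>
		<p class="user-row">
			<label class="user-label">Địa chỉ</label>
			<input name="address" type="text" size="40" value="<?php echo htmlspecialchars((string) $data['address'], ENT_QUOTES, 'UTF-8') ?>" />
		</p>
		<p class="user-row">
			<label class="user-label">Ngày tham gia</label>
			<input name="date_reg" type="text" size="40" value="<?php echo htmlspecialchars((string) $data['date_reg'], ENT_QUOTES, 'UTF-8') ?>" />
		</p>
		<p class="user-row">
			<label class="user-label">Phân quyền</label>
			<select name="level">
				<option value="1" <?php if ($data['level'] == 1) echo "selected='selected'"  ?> >Thành viên</option>
				<option value="2" <?php if ($data['level'] == 2) echo "selected='selected'"  ?> >Quản trị</option>
			</select>
		</p>
        <p class="user-row">
			<input type="submit" name="submit" class="button" value="Cập nhật" />
			<input type="reset" name="reset" class="button" value="Hủy" />
		</p>
    </form>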
	
	<script>
	// Client-side checks only: the required/minlength/email rules come from the
	// form markup (presumably via the jQuery Validation plugin; confirm). A
	// request posted directly skips them, so the PHP handler must enforce the
	// same rules itself.
	$("#add-user").validate();
	</script>

<?php
	endif;
}
?>
</div>